We can use static ARP entries on hosts or routers to reduce ARP-traffic or to prevent ARP-spoofing. For such entries we need pairs of MAC-addresses and IP-addresses. The same information we also need for static DHCP-entries on a DHCP-server. Why not combine?

If someone attacks a linux-system, most administrator would block the ip-address of the attacker using iptables-rules. But there is another method to block the address of an attacker: nullroutes. A Nullroute simply directs to nowhere.